Date: Sun, 19 Apr 2015 22:21:00 -0400
From: Dan McDonald <danmcd@...iti.com>
To: oss-security@...ts.openwall.com
Cc: Dan McDonald <danmcd@...iti.com>
Subject: CVE request
Illumos bug #5853 (https://www.illumos.org/issues/5853), now fixed, can be exploited to escalate privilege. It's not easy to do so, but it is enough to cause concern and ask for a CVE number.
At least two distros already have this fix in place. I'd appreciate a CVE number (and if possible a way to request these on a non-public list... sorry if I missed the FAQ).
Thanks,
Dan McDonald -- OmniOS Engineering & illumos Security POC